Lucene search
K

27 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:45 p.m.12 views

CVE-2026-37596

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfhattendance/admin/managedepartment.php...

2.7CVSS5.7AI score0.0019EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.6 views

PT-2026-32637

CVE-2026-37596 SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh attendance/admin/manage department.php. https://t.co/mauoyzh46T...

2.7CVSS5.8AI score0.0019EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.9 views

SourceCodester Online Employees Work From Home Attendance System 安全漏洞

SourceCodester Online Employees Work From Home Attendance System is an open-source online employee remote work attendance system developed by SourceCodester. Version 1.0 of the SourceCodester Online Employees Work From Home Attendance System contains a security vulnerability. This vulnerability...

2.7CVSS5.9AI score0.0019EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-4150

Malicious code in bioql PyPI...

5.6CVSS6.6AI score0.00311EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-52447

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00709EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-52445

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.0057EPSS
Exploits0References1
Microsoft Secure
Microsoft Secure
added 2025/08/13 4:0 p.m.11 views

Connect with the security community at Microsoft Ignite 2025

In today’s AI-powered world, security professionals are facing unprecedented challenges—and opportunities. As generative AI reshapes the digital landscape, the need for robust, intelligent, and adaptive security strategies has never been more urgent. At Microsoft Ignite 2025, we will showcase...

7.3AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2025/08/13 4:0 p.m.3 views

Connect with the security community at Microsoft Ignite 2025

In today’s AI-powered world, security professionals are facing unprecedented challenges—and opportunities. As generative AI reshapes the digital landscape, the need for robust, intelligent, and adaptive security strategies has never been more urgent. At Microsoft Ignite 2025, we will showcase...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/16 12:26 a.m.9 views

CVE-2025-26158

A Stored Cross-Site Scripting XSS vulnerability was discovered in the manage-employee.php page of Kashipara Online Attendance Management System V1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the department parameter...

5.6CVSS5.8AI score0.00311EPSS
Exploits1References1
NVD
NVD
added 2025/02/14 5:15 p.m.13 views

CVE-2025-26158

A Stored Cross-Site Scripting XSS vulnerability was discovered in the manage-employee.php page of Kashipara Online Attendance Management System V1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the department parameter...

5.6CVSS0.00311EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/02/14 12:0 a.m.10 views

CVE-2025-26158

A Stored Cross-Site Scripting XSS vulnerability was discovered in the manage-employee.php page of Kashipara Online Attendance Management System V1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the department parameter...

0.00311EPSS
Exploits1References1
CVE
CVE
added 2025/02/14 12:0 a.m.75 views

CVE-2025-26158

CVE-2025-26158 is a stored XSS in Kashipara Online Attendance Management System v1.0, specifically the manage-employee.php page via the department parameter. Affected component: the script handling department input; vulnerability type: stored XSS with potential script execution by an attacker. Do...

5.6CVSS5.9AI score0.00311EPSS
Exploits1References1Affected Software1
Schneier on Security
Schneier on Security
added 2024/12/14 5:1 p.m.9 views

Upcoming Speaking Events

This is a current list of where and when I am scheduled to speak: I'm speaking at a joint meeting of the Boston Chapter of the IEEE Computer Society and GBC/ACM, in Boston, Massachusetts, USA, at 7:00 PM ET on Thursday, January 9, 2025. The event will take place at the Massachusetts Institute of...

7.2AI score
Exploits0
OSV
OSV
added 2023/12/15 10:15 a.m.4 views

CVE-2023-48395

Kaifa Technology WebITR is an online attendance system, it has insufficient validation for user input within a special function. A remote attacker with regular user privilege can exploit this vulnerability to inject arbitrary SQL commands to read database...

6.5CVSS6AI score0.00709EPSS
Exploits0References1
NVD
NVD
added 2023/12/15 10:15 a.m.17 views

CVE-2023-48394

Kaifa Technology WebITR is an online attendance system, its file uploading function does not restrict upload of file with dangerous type. A remote attacker with regular user privilege can exploit this vulnerability to upload arbitrary files to perform arbitrary command or disrupt service...

8.8CVSS0.00886EPSS
Exploits0References1
NVD
NVD
added 2023/12/15 10:15 a.m.22 views

CVE-2023-48393

Kaifa Technology WebITR is an online attendance system. A remote attacker with regular user privilege can obtain partial sensitive system information from error message...

4.3CVSS0.0057EPSS
Exploits0References1
Prion
Prion
added 2023/12/15 10:15 a.m.14 views

Design/Logic Flaw

Kaifa Technology WebITR is an online attendance system, it has a vulnerability in using hard-coded encryption key. An unauthenticated remote attacker can generate valid token parameter and exploit this vulnerability to access system with arbitrary user account, including administrator’s account, ...

7.5CVSS7.8AI score0.0057EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/15 9:27 a.m.44 views

CVE-2023-48395

The CVE describes an SQL injection in Kaifa Technology WebITR (online attendance system) caused by insufficient input validation in a particular function. An attacker with regular user privileges can exploit this to read the database by injecting arbitrary SQL commands. Several connected sources ...

6.5CVSS6.8AI score0.00709EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/15 9:25 a.m.52 views

CVE-2023-48394

CVE-2023-48394 affects Kaifa Technology WebITR (online attendance system). The issue lies in the file upload function, which does not restrict uploading of dangerous file types. A remote attacker with regular user privileges can upload arbitrary files to execute commands or disrupt service. Conne...

8.8CVSS9AI score0.00886EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/15 9:22 a.m.20 views

CVE-2023-48393 Kaifa Technology WebITR - Error Message Leakage

Kaifa Technology WebITR is an online attendance system. A remote attacker with regular user privilege can obtain partial sensitive system information from error message...

4.3CVSS4.8AI score0.0057EPSS
Exploits0References1
Rows per page
Query Builder